diff --git a/rules/javascript/express/reduce_fingerprint.yml b/rules/javascript/express/reduce_fingerprint.yml
index c7d090713..35a275ba4 100644
--- a/rules/javascript/express/reduce_fingerprint.yml
+++ b/rules/javascript/express/reduce_fingerprint.yml
@@ -32,7 +32,7 @@ metadata:
 
     By default, Express.js sends the X-Powered-By response header banner. This can be disabled using the app.disable() method:
 
-    ```
+    ```javascript
       app.disable('x-powered-by')
     ```
 
diff --git a/tests/javascript/express/reduce_fingerprint/__snapshots__/test.js.snap b/tests/javascript/express/reduce_fingerprint/__snapshots__/test.js.snap
index 9ddc8649f..e5c7579a9 100644
--- a/tests/javascript/express/reduce_fingerprint/__snapshots__/test.js.snap
+++ b/tests/javascript/express/reduce_fingerprint/__snapshots__/test.js.snap
@@ -11,7 +11,7 @@ exports[`javascript_express_reduce_fingerprint insecure 1`] = `
       ],
       "id": "javascript_express_reduce_fingerprint",
       "title": "Security misconfiguration detected (server fingerprinting).",
-      "description": "## Description\\n\\nIt can help to provide an extra layer of security to reduce server fingerprinting. Though not a security issue itself, a method to improve the overall posture of a web server is to take measures to reduce the ability to fingerprint the software being used on the server. Server software can be fingerprinted by quirks in how they respond to specific requests.\\n\\nBy default, Express.js sends the X-Powered-By response header banner. This can be disabled using the app.disable() method:\\n\\n\`\`\`\\n  app.disable('x-powered-by')\\n\`\`\`\\n\\n## Resources\\n\\n- [Express Security Best Practices](https://expressjs.com/en/advanced/best-practice-security.html)\\n",
+      "description": "## Description\\n\\nIt can help to provide an extra layer of security to reduce server fingerprinting. Though not a security issue itself, a method to improve the overall posture of a web server is to take measures to reduce the ability to fingerprint the software being used on the server. Server software can be fingerprinted by quirks in how they respond to specific requests.\\n\\nBy default, Express.js sends the X-Powered-By response header banner. This can be disabled using the app.disable() method:\\n\\n\`\`\`javascript\\n  app.disable('x-powered-by')\\n\`\`\`\\n\\n## Resources\\n\\n- [Express Security Best Practices](https://expressjs.com/en/advanced/best-practice-security.html)\\n",
       "documentation_url": "https://docs.bearer.com/reference/rules/javascript_express_reduce_fingerprint",
       "line_number": 4,
       "full_filename": "/tmp/bearer-scan/insecure.js",